File sblim-wbemcli-allow-tls.patch of Package sblim-wbemcli

diff -urEbwB sblim-wbemcli-1.6.2/CimCurl.cpp sblim-wbemcli-1.6.2.new/CimCurl.cpp
--- sblim-wbemcli-1.6.2/CimCurl.cpp	2009-03-04 20:10:54.000000000 +0100
+++ sblim-wbemcli-1.6.2.new/CimCurl.cpp	2016-05-10 14:53:59.423867376 +0200
@@ -165,8 +165,36 @@
     rv = curl_easy_setopt(mHandle, CURLOPT_SSL_VERIFYHOST, 0);
     //    rv = curl_easy_setopt(mHandle, CURLOPT_SSL_VERIFYPEER, 0);
     
-    /* Force using SSL V3 */
-    rv = curl_easy_setopt(mHandle, CURLOPT_SSLVERSION, 3);    
+    /* Force use of a specific SSL/TLS version */
+    char * curlSslVer = getenv("WBEMCLI_CURL_SSLVERSION");
+    if (curlSslVer) {
+      if (!strcasecmp(curlSslVer,"SSLv2"))
+        rv = curl_easy_setopt(mHandle, CURLOPT_SSLVERSION, CURL_SSLVERSION_SSLv2);
+      else if (!strcasecmp(curlSslVer,"SSLv3"))
+        rv = curl_easy_setopt(mHandle, CURLOPT_SSLVERSION, CURL_SSLVERSION_SSLv3);
+      else if (!strcasecmp(curlSslVer,"TLSv1"))
+        rv = curl_easy_setopt(mHandle, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1);
+      else if (!strcasecmp(curlSslVer,"TLSv1.0") || !strcasecmp(curlSslVer,"TLSv1_0"))
+#if LIBCURL_VERSION_NUM >= 0x072200
+        rv = curl_easy_setopt(mHandle, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_0);
+#else
+        throw URLException("WBEMCLI_CURL_SSLVERSION=TLSv1.0 requires libcurl 7.34 or greater");
+#endif
+      else if (!strcasecmp(curlSslVer,"TLSv1.1") || !strcasecmp(curlSslVer,"TLSv1_1"))
+#if LIBCURL_VERSION_NUM >= 0x072200
+        rv = curl_easy_setopt(mHandle, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_1);
+#else
+        throw URLException("WBEMCLI_CURL_SSLVERSION=TLSv1.1 requires libcurl 7.34 or greater");
+#endif
+      else if (!strcasecmp(curlSslVer,"TLSv1.2") || !strcasecmp(curlSslVer,"TLSv1_2"))
+#if LIBCURL_VERSION_NUM >= 0x072200
+        rv = curl_easy_setopt(mHandle, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_2);
+#else
+        throw URLException("WBEMCLI_CURL_SSLVERSION=TLSv1.2 requires libcurl 7.34 or greater");
+#endif
+      else
+        throw URLException("unknown WBEMCLI_CURL_SSLVERSION");
+    }
 
     /* Set username and password */
     if (url.user.length() > 0 && url.password.length() > 0) {
diff -urEbwB sblim-wbemcli-1.6.2/man/wbemcli.1.pre.in sblim-wbemcli-1.6.2.new/man/wbemcli.1.pre.in
--- sblim-wbemcli-1.6.2/man/wbemcli.1.pre.in	2009-06-20 01:10:57.000000000 +0200
+++ sblim-wbemcli-1.6.2.new/man/wbemcli.1.pre.in	2016-05-10 14:56:57.495339650 +0200
@@ -554,6 +554,15 @@
 	wbemcli gi 'myCimom/root/cimv2:rpm_package.name="glibc"'
 .PP
 
+.SH ENVIRONMENT
+.TP
+.B WBEMCLI_CURL_SSLVERSION
+Specifies the SSL protocol that will be used.
+Valid values are SSLv2, SSLv3, TLSv1, TLSv1.0 (TLSv1_0), TLSv1.1 (TLSv1_1)
+or TLSv1.2 (TLSv1_2).
+If this variable is not set, wbemcli will attempt to figure out the
+remote SSL protocol version.
+
 .SH FILES
 .TP
 .I @CACERT@
Places

File sblim-wbemcli-allow-tls.patch of Package sblim-wbemcli

Places
